How To Prevent Data Security Incidents Coming From Within Your Firm

Curbing Compromise: Top Strategies To Prevent Insider Threats

The biggest IT security threat last year? It wasn’t malware. Or ransomware. It wasn’t nation-state actors creating back doors into secure systems or sophisticated hackers jumping the “air gap” between corporate devices. Instead, the dubious honor of top spot went to insiders — employees who (mostly by accident) exposed company data to critical risk.

2018 isn’t looking much better: A public database storing the personal information of 1 billion Indian citizens was breached just after New Year’s by former employees, while expanding mobile device use means greater employee access with even less oversight. More worrisome? Because companies are often looking beyond their network boundaries for potential threats, insider issues can go undetected and unresolved for months. Over half of companies surveyed said the cost of remediating insider threats topped $100,000 in 2017.

Let’s break down five of the most effective:

1. Recognize Your Risk

First step? Recognize the inherent risk of digitally empowered employees. Despite best efforts and good intentions, staff may inadvertently compromise networks. As a result, IT security can never be assumed — instead, it must be clearly spelled out in corporate policy.
This offers two key benefits: Staff understand exactly what’s expected of them when using corporate networks or leveraging off-site services — in turn, reducing the number of “didn’t know” or “wasn’t aware” data breaches. In addition, creating solid policy gives managers and IT admins something to fall back on if staff are unwilling to abide by tech-use rules. Best bet? Clearly define expectations and consequences. For example, a first-time phishing failure might mandate extra employee training. Another incident leads to more intensive review, while a third strike means reduced network privileges.

2. Pump Up Password Policies

Passwords remain popular because they’re a familiar, easy model. Though in many cases, they’re too easy — employees still prefer passwords like “123456” and “password123” for network access. The result? These insecure access details give malicious actors a free pass onto your network. Solving the password problem means mandating specific composition requirements including length, addition of special characters and limited character repetition. Passwords must also be changed every quarter (or at most every six months). If staff don’t comply, restrict access.

3. Open Communication

IT professionals understand the value of SaaS and cloud-based services, but also know the risks. The upshot for employees? Apps and tools they use at home or believe could streamline current projects may be off-limits — prompting them to circumvent IT policies.

While it’s tempting to lock down networks and curtail broad access, the solution to solving “shadow IT” is counterintuitive: Open lines of communication with employees and discover what tools they’re using, why and what IT can do to bridge the gap. By respecting the needs and opinions of tech-savvy staff members — and redirecting them to more secure versions of their preferred applications — it’s possible to on-board staff with InfoSec mandates instead of treating them as the opposition.

4. Lock Down Data

Want to protect critical data? Encrypt everything. Use VPNs. Opt for next-gen firewalls. Why? Because even well-trained and well-meaning staff make mistakes that could compromise corporate networks. By implementing solid encryption, obfuscating network traffic and using cloud-based, adaptable firewall solutions, it’s possible to stop most accidental breaches before they break network boundaries.

5. The Protection of Least Privilege

Fewer data threats means more control over who’s accessing what, when and why. The principle here is “least privilege” — staff only need data access for current projects, and access frameworks should be regularly reviewed. Consider the use of automated identity and access management tools that can help streamline compliance, governance and employee access.

Employees, not outsiders, are the biggest threat to your data. Curb the impact by recognizing your risk, improving password policies, opening lines of communication, and ensuring both data movement and employee access are strictly regulated.